CCSK実際の問題解答PDFには100%カバー率リアル試験問題 [Q35-Q53]

Share

CCSK実際の問題解答PDFには100%カバー率リアル試験問題

CCSK試験問題解答


CCSK認定は世界的に認識されており、クラウドコンピューティングを採用している組織から高く評価されています。クラウドセキュリティでキャリアを向上させようとしている専門家に競争上の優位性を提供します。認定は、個人が安全なクラウド環境を設計、実装、および管理するスキルと知識を持っていることを示しています。

 

質問 # 35
CCM: In the CCM tool, a is a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.

  • A. Domain
  • B. Control Specification
  • C. Risk Impact

正解:B


質問 # 36
Which of the following is a key component that allows programmatic management of the cloud?

  • A. APIs
  • B. Control Plane
  • C. API Gateway
  • D. Firewall

正解:A

解説:
Application Programming Interfaces allow for programmatic management of the cloud. They are the glue that holds the cloud's components together and enables their orchestration. Since not everyone wants to write programs to manage their cloud, web consoles provide visual interfaces. ln many cases web consoles merely use the same APIs you can access directly.
Reference: CSA Security Guidelines V.4 (reproduced here for the educational purpose)


質問 # 37
Which of the following is NOT a characteristic of cloud computing?

  • A. Resource Pooling
  • B. Reduced personnel cost
  • C. On-demand self service
  • D. Metered service

正解:B

解説:
The characteristics of cloud computing are
1. 0n-demand self-service: A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
2. Broad network access: Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms(e.g, mobile phones, tablets, laptops and workstations).
3. Resource pooling: The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction(e.g, country, state or datacenter).
Examples of resources include storage, processing, memory and network bandwidth.
4. Rapid elasticity: Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at anytime.
5. Measured service: Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service(e.g, storage, processing, bandwidth and active user accounts).
Resource usage can be monitored, controlled and reported, providing transparency for the provider and consumer.


質問 # 38
Which of the following functions maps to all the phases of Data security life cycle?

  • A. Process
  • B. Destroy
  • C. Store
  • D. Read/Access

正解:D

解説:
Functions: There are three things we can do with a given datum:
. Read, View/read the data, including creating, copying, file transfers, dissemination, and other exchanges of information.
* Process. Perform a transaction on the data; update it; use it in a business processing transaction, etc.
. Store, Hold the data (in a file, database, etc.).


質問 # 39
Which of the following type of risk assessment most effectively supports cost-benefit analyses of alternative risk responses or courses of action?

  • A. Quantitative Analysis
  • B. Third party Risk Analysis
  • C. Outsourced risk analysis
  • D. Qualitative Analysis

正解:A

解説:
Quantitative assessments typically employ a set of methods, principles, or rules for assessing risk based on the use of numbers This type of assessment most effectively supports cost-benefit analyses of alternative risk responses or courses of action.


質問 # 40
Which is the correct sequence of Cloud Data lifecycle phases?

  • A. Create, Share, Use, Store, Archive, Destroy
  • B. Create, Use, Store, Archive, Share, Destroy
  • C. Create, Use, Share, Store, Archive, Destroy
  • D. Create, Store, Use, Share, Archive, Destroy

正解:D

解説:
The correct order of data lifecycle is Create, Store, Use, Share, Archive, Destroy


質問 # 41
Stopping a function to control further risk to business is called:

  • A. Acceptance
  • B. Transference
  • C. Avoidance
  • D. Mitigation

正解:C

解説:
Risk avoidance is the practice of coming up with alternatives so that the risk in question is not realised.


質問 # 42
How does running applications on distinct virtual networks and only connecting networks as needed help?

  • A. It reduces hardware costs
  • B. It enables you to configure applications around business groups
  • C. It locks down access and provides stronger data security
  • D. It provides dynamic and granular policies with less management overhead
  • E. It reduces the blast radius of a compromised system

正解:E


質問 # 43
Which one of the following is NOT a level of CSA star program?

  • A. Self-assessment
  • B. Third-party attestation
  • C. Technology Audit program
  • D. Continuous-monitoring program

正解:C

解説:
"Technology Audit Program" is not one of the levels of CSA star program The three levels of CSA Star program are
1) Self Assessment
2) Third-party Attestment
3) Continuous Monitoring program


質問 # 44
Which statement best describes the Data Security Lifecycle?

  • A. The Data Security Lifecycle has six stages, is strictly linear, and never varies.
  • B. The Data Security Lifecycle has six stages, can be non-linear, and is distinct in that data must always pass through all phases.
  • C. The Data Security Lifecycle has five stages, can be non-linear, and is distinct in that data must always pass through all phases.
  • D. The Data Security Lifecycle has six stages, can be non-linear, and varies in that some data may never pass through all stages.
  • E. The Data Security Lifecycle has five stages, is circular, and varies in that some data may never pass through all stages.

正解:D


質問 # 45
Like security and compliance. BC/DR is not a shared responsibility.

  • A. False
  • B. True

正解:B

解説:
This is True
Like security and compliance, BC/DR is a shared responsibility. There are aspects that the cloud provider has to manage, but the cloud customer is also ultimately responsible for how they use and manage the cloud service. This is especially true when planning for outages of the cloud provider (or parts of the cloud provider's service).
Ref Reference: CSA Security GuidelinesV.4(reproduced here for the educational purpose)


質問 # 46
One of the main reasons and advantage of having external audit is:

  • A. Its cheaper
  • B. Its independent
  • C. Internal staff is less qualified than external auditors.
  • D. Better tools used by external provider

正解:B

解説:
All other answers are distractors. One of the primary reasons of doing external auditing is the independence of auditors.


質問 # 47
What can be implemented to help with account granularity and limit
blast radius with laaS an PaaS?

  • A. Configuring role-based authentication
  • B. Implementing least privilege accounts
  • C. Establishing multiple accounts
  • D. Maintaining tight control of the primary account holder credentials
  • E. Configuring secondary authentication

正解:C


質問 # 48
Who is ultimately liable for all data loss and breaches in the cloud environment?

  • A. Cloud reseller
  • B. Cloud service provider
  • C. Cloud customer
  • D. Cloud access security broker(CASB)

正解:C

解説:
It is the customer who is ultimately responsible for any type of data loss or breaches


質問 # 49
Which of the following very important consideration when securing access to the Management Plane?

  • A. Service Administrator
  • B. Least Privilege
  • C. Remote Access VPN
  • D. Super Administrator

正解:B

解説:
Both providers and consumers should consistently only allow the least privilege required for users.
applications. and other management plane usage.
Reference: CSA Security Guidelines V.4(reproduced here for the educational purpose)


質問 # 50
Which term describes any situation where the cloud consumer does
not manage any of the underlying hardware or virtual machines?

  • A. Virtual machineless
  • B. Abstraction
  • C. Container
  • D. Serverless computing
  • E. Provider managed

正解:D


質問 # 51
APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticated adversaries.

  • A. False
  • B. True

正解:B


質問 # 52
Metrics which govern the contractual obligations of cloud service are found in:

  • A. Service Book
  • B. Service Level agreements(SLA)
  • C. Contract itself
  • D. Operational Level Agreement(OLA)

正解:B

解説:
The SLA is the list of defined, specific, numerical metrics that will used to determine whether the provider is sufficiently meeting the contract terms during each period of performance.


質問 # 53
......

CCSK試験練習テスト問題:https://jp.fast2test.com/CCSK-premium-file.html

合格させるCCSK試験情報と無料練習テスト:https://drive.google.com/open?id=1bv7VZnGfrP7KIo9sv1T7gU5_Bopdng6X


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어